Help for a girl who's not really computer savvy please.

Re: Help for a girl who's not really computer savvy please.
Ok so I did the above. When it came time to paste the above line it wouldn't let me, so I manually typed it in, and this is the message that showed up in the lower box:
'gmer-del' is not recognized as an internal or external command,
operable program or batch file.

Re: Help for a girl who's not really computer savvy please.
Hello.
Because there is a space between gmer and -

gmerSPACE-del

Re: Help for a girl who's not really computer savvy please.
Command was successfully execute
This is all it copied. Was it not finished?

Re: Help for a girl who's not really computer savvy please.
I need the new log now to see if the rootkit is gone.

Re: Help for a girl who's not really computer savvy please.
Hello.
Never mind about the new log, I think it's gone now, but see if the avenger will run now and execute the script given.

Re: Help for a girl who's not really computer savvy please.
GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-01-20 16:59:31
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.14 ----

SSDT 84994128 ZwAlertResumeThread
SSDT 84986858 ZwAlertThread
SSDT 84987698 ZwAllocateVirtualMemory
SSDT 849991A8 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xF3A28A20] <-- ROOTKIT !!!
SSDT 849B4CC8 ZwCreateMutant
SSDT 84990870 ZwCreateThread
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xF3A28C90] <-- ROOTKIT !!!
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xF3A29350] <-- ROOTKIT !!!
SSDT 8499D3E8 ZwFreeVirtualMemory
SSDT 849AE600 ZwImpersonateAnonymousToken
SSDT 849A2BD0 ZwImpersonateThread
SSDT 8498C3D8 ZwMapViewOfSection
SSDT 84986890 ZwOpenEvent
SSDT 8499D420 ZwOpenProcessToken
SSDT 849A13E0 ZwOpenThreadToken
SSDT 84A15EF8 ZwQueryValueKey
SSDT 8499D858 ZwResumeThread
SSDT 84991EA0 ZwSetContextThread
SSDT 84980CC8 ZwSetInformationProcess
SSDT 84991E30 ZwSetInformationThread
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xF3A29580] <-- ROOTKIT !!!
SSDT 849C1A28 ZwSuspendProcess
SSDT 84991E68 ZwSuspendThread
SSDT 8499CA28 ZwTerminateProcess
SSDT 84993D40 ZwTerminateThread
SSDT 8499C9F0 ZwUnmapViewOfSection
SSDT 8498A728 ZwWriteVirtualMemory

Code fd5c49aced94763cd8b4c7ddb71bf468.sys (ckmd/Noves Inc) ZwCreateKey [0xF766FC8E]
Code fd5c49aced94763cd8b4c7ddb71bf468.sys (ckmd/Noves Inc) ZwEnumerateKey [0xF766FD13]
Code fd5c49aced94763cd8b4c7ddb71bf468.sys (ckmd/Noves Inc) ZwOpenKey [0xF766FC10]
Code fd5c49aced94763cd8b4c7ddb71bf468.sys (ckmd/Noves Inc) ZwQueryDirectoryFile [0xF766F999]
Code fd5c49aced94763cd8b4c7ddb71bf468.sys (ckmd/Noves Inc) IoCreateFile
Code fd5c49aced94763cd8b4c7ddb71bf468.sys (ckmd/Noves Inc) NtQueryDirectoryFile

---- Devices - GMER 1.0.14 ----

AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Services - GMER 1.0.14 ----

Service C:\WINDOWS\system32\fd5c49aced94763cd8b4c7ddb71bf468.sys (*** hidden *** ) [BOOT] fd5c49aced94763cd8b4c7ddb71bf468 <-- ROOTKIT !!!

---- Registry - GMER 1.0.14 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468
Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468@c &registry_path=\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\fd5c49aced94763cd8b4c7ddb71bf468&download_period=846000&first_download_delay=180&version=2&ip_0=586742989&port_0=7000&max_fails_0=5&ip_1=704183501&port_1=8300&max_fails_1=5&ip_2=2241985741&port_2=9002&max_fails_2=2&ip_3=1512966353&port_3=11234&max_fails_3=2&ips_count=4&name=fd5c49aced94763cd8b4c7ddb71bf468&path=system32\fd5c49aced94763cd8b4c7ddb71bf468.sys&wmid=Dkh10219&idate=2009-01-14 08:34:47:250&last_download_time=2009-1-14 8:38:22.859&first_skip=1
Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468@Type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468@Start 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468@ErrorControl 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468@Tag 5
Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468@ImagePath system32\fd5c49aced94763cd8b4c7ddb71bf468.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468@DisplayName fd5c49aced94763cd8b4c7ddb71bf468
Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468@Group System Bus Extender
Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468\Security
Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468\Security@Security 0x01 0x00 0x14 0x80 ...
Reg HKLM\SYSTEM\ControlSet002\Services\fd5c49aced94763cd8b4c7ddb71bf468
Reg HKLM\SYSTEM\ControlSet002\Services\fd5c49aced94763cd8b4c7ddb71bf468@c &registry_path=\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\fd5c49aced94763cd8b4c7ddb71bf468&download_period=846000&first_download_delay=180&version=2&ip_0=586742989&port_0=7000&max_fails_0=5&ip_1=704183501&port_1=8300&max_fails_1=5&ip_2=2241985741&port_2=9002&max_fails_2=2&ip_3=1512966353&port_3=11234&max_fails_3=2&ips_count=4&name=fd5c49aced94763cd8b4c7ddb71bf468&path=system32\fd5c49aced94763cd8b4c7ddb71bf468.sys&wmid=Dkh10219&idate=2009-01-14 08:34:47:250&last_download_time=2009-1-14 8:38:22.859&first_skip=1
Reg HKLM\SYSTEM\ControlSet002\Services\fd5c49aced94763cd8b4c7ddb71bf468@Type 1
Reg HKLM\SYSTEM\ControlSet002\Services\fd5c49aced94763cd8b4c7ddb71bf468@Start 0
Reg HKLM\SYSTEM\ControlSet002\Services\fd5c49aced94763cd8b4c7ddb71bf468@ErrorControl 0
Reg HKLM\SYSTEM\ControlSet002\Services\fd5c49aced94763cd8b4c7ddb71bf468@Tag 5
Reg HKLM\SYSTEM\ControlSet002\Services\fd5c49aced94763cd8b4c7ddb71bf468@ImagePath system32\fd5c49aced94763cd8b4c7ddb71bf468.sys
Reg HKLM\SYSTEM\ControlSet002\Services\fd5c49aced94763cd8b4c7ddb71bf468@DisplayName fd5c49aced94763cd8b4c7ddb71bf468
Reg HKLM\SYSTEM\ControlSet002\Services\fd5c49aced94763cd8b4c7ddb71bf468@Group System Bus Extender
Reg HKLM\SYSTEM\ControlSet002\Services\fd5c49aced94763cd8b4c7ddb71bf468\Security
Reg HKLM\SYSTEM\ControlSet002\Services\fd5c49aced94763cd8b4c7ddb71bf468\Security@Security 0x01 0x00 0x14 0x80 ...

---- Files - GMER 1.0.14 ----

File C:\WINDOWS\system32\fd5c49aced94763cd8b4c7ddb71bf468.sys 39936 bytes executable <-- ROOTKIT !!!

---- EOF - GMER 1.0.14 ----
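As an added example (not from the thread, and not GMER's own tooling), a Python triage script for log lines like the ones posted above: it splits the report into its `---- Name - GMER ----` sections, counts `<-- ROOTKIT !!!` flags per driver, decodes the `@c` service value into key/value pairs and (ip, port) peers, and separates the hidden hex-named service from the vendor-attributed SYMEVENT.SYS hook that the helper later treats as a likely false positive. The sample input is a constructed subset of the posted log; the `ip_N` fields are kept as the raw integers the blob stores, since the page does not establish their byte order.

```python
import re
from collections import Counter

# Constructed sample: lines copied verbatim from the GMER log posted in this thread.
SAMPLE_LOG = r"""---- System - GMER 1.0.14 ----
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xF3A28A20] <-- ROOTKIT !!!
---- Services - GMER 1.0.14 ----
Service C:\WINDOWS\system32\fd5c49aced94763cd8b4c7ddb71bf468.sys (*** hidden *** ) [BOOT] fd5c49aced94763cd8b4c7ddb71bf468 <-- ROOTKIT !!!
---- Registry - GMER 1.0.14 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\fd5c49aced94763cd8b4c7ddb71bf468@c &registry_path=\REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\fd5c49aced94763cd8b4c7ddb71bf468&download_period=846000&first_download_delay=180&version=2&ip_0=586742989&port_0=7000&max_fails_0=5&ip_1=704183501&port_1=8300&max_fails_1=5&ip_2=2241985741&port_2=9002&max_fails_2=2&ip_3=1512966353&port_3=11234&max_fails_3=2&ips_count=4&name=fd5c49aced94763cd8b4c7ddb71bf468&path=system32\fd5c49aced94763cd8b4c7ddb71bf468.sys&wmid=Dkh10219&idate=2009-01-14 08:34:47:250&last_download_time=2009-1-14 8:38:22.859&first_skip=1
---- Files - GMER 1.0.14 ----
File C:\WINDOWS\system32\fd5c49aced94763cd8b4c7ddb71bf468.sys 39936 bytes executable <-- ROOTKIT !!!
"""

def parse_sections(text):
    """Split the log into {section: [lines]} on GMER's '---- Name - GMER ... ----' headers."""
    sections, current = {}, None
    for line in text.splitlines():
        m = re.match(r"---- (\w+) - GMER", line)
        if m:
            current = m.group(1)
            sections[current] = []
        elif line.strip() and current:
            sections[current].append(line)
    return sections

def rootkit_flags_by_module(sections):
    """Count '<-- ROOTKIT !!!' markers per .sys module (lower-cased), across every section."""
    counts = Counter()
    for line in (l for lines in sections.values() for l in lines):
        if "<-- ROOTKIT !!!" in line:
            m = re.search(r"([\w.-]+\.sys)\b", line, re.IGNORECASE)
            counts[m.group(1).lower() if m else "<unknown>"] += 1
    return counts

def parse_service_config(sections):
    """Decode the service's '@c' blob ('&k=v&k=v...') into a dict plus its (ip_int, port) peers."""
    for line in sections.get("Registry", []):
        if "@c " in line:
            cfg = dict(p.split("=", 1) for p in line.partition("@c ")[2].lstrip("&").split("&") if "=" in p)
            return cfg, [(int(cfg[f"ip_{i}"]), int(cfg[f"port_{i}"])) for i in range(int(cfg.get("ips_count", 0)))]
    return {}, []

def triage(text):
    """Hidden service or 32-hex-char driver name: high confidence; vendor-attributed hook: review first."""
    sections = parse_sections(text)
    hidden = {l.split()[1].rsplit("\\", 1)[-1].lower()
              for l in sections.get("Services", []) if "*** hidden ***" in l}
    return {mod: "hidden driver, high confidence" if mod in hidden or re.fullmatch(r"[0-9a-f]{32}\.sys", mod)
            else "vendor hook, review before removal" for mod in rootkit_flags_by_module(sections)}
```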

Re: Help for a girl who's not really computer savvy please.
Hmm, I think the rootkit may have returned.
Please run the gmer command again.

Then try the avenger using this script.

http://www.geekpolice.net/malware-removal-hijackthis-logs-f11/help-for-a-girl-who-s-not-really-computer-savvy-please-t5959.htm#36155

Re: Help for a girl who's not really computer savvy please.
Command was successfully execute

Re: Help for a girl who's not really computer savvy please.
Avenger still didn't work.

Re: Help for a girl who's not really computer savvy please.
Now when I click on Avenger a black dialog box pops up but for only a second. This is different than earlier.

Re: Help for a girl who's not really computer savvy please.
Does it still block the avenger if you rename it?
Try that please.

Re: Help for a girl who's not really computer savvy please.
Hello.
Please disable Symantec, I think that is what is preventing the removal as GMER is flagging part of Symantec as a rootkit.

If that fails, we can try to disable the rootkit.

Re: Help for a girl who's not really computer savvy please.
How do I go about disabling it? Should I remove anything with Symantec in it or remove anything with Norton in it? I went into my programs and didn't find one that was just named Symantec. Maybe I'm looking in the wrong place.

Re: Help for a girl who's not really computer savvy please.
Right click the Norton/Symantec icon in the tray in the corner and exit it so they are not active.

Re: Help for a girl who's not really computer savvy please.
Ok I figured it out. Now I'll try the Avenger again.